No OneTemporary
Actions

Authored By

Unknown

Size

5 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/src/app/Http/Controllers/API/AuthController.php b/src/app/Http/Controllers/API/AuthController.php
	index ea36d340..4da8cd2e 100644
	--- a/src/app/Http/Controllers/API/AuthController.php
	+++ b/src/app/Http/Controllers/API/AuthController.php
	@@ -1,174 +1,173 @@
	<?php

	namespace App\Http\Controllers\API;

	use App\Http\Controllers\Controller;
	use App\User;
	use Illuminate\Http\Request;
	use Illuminate\Support\Facades\Auth;
	use Illuminate\Support\Facades\Validator;
	use Laravel\Passport\TokenRepository;
	use Laravel\Passport\RefreshTokenRepository;

	class AuthController extends Controller
	{
	/**
	* Get the authenticated User
	*
	* @return \Illuminate\Http\JsonResponse
	*/
	public function info()
	{
	$user = Auth::guard()->user();
	$response = V4\UsersController::userResponse($user);

	if (!empty(request()->input('refresh'))) {
	return $this->refreshAndRespond(request(), $response);
	}

	return response()->json($response);
	}

	/**
	* Helper method for other controllers with user auto-logon
	* functionality
	*
	* @param \App\User $user User model object
	* @param string $password Plain text password
	* @param string\|null $secondFactor Second factor code if available
	*/
	public static function logonResponse(User $user, string $password, string $secondFactor = null)
	{
	$proxyRequest = Request::create('/oauth/token', 'POST', [
	'username' => $user->email,
	'password' => $password,
	'grant_type' => 'password',
	'client_id' => \config('auth.proxy.client_id'),
	'client_secret' => \config('auth.proxy.client_secret'),
	'scopes' => '[*]',
	'secondfactor' => $secondFactor
	]);

	$tokenResponse = app()->handle($proxyRequest);

	$response = V4\UsersController::userResponse($user);
	$response['status'] = 'success';

	return self::respondWithToken($tokenResponse, $response);
	}

	/**
	* Get an oauth token via given credentials.
	*
	* @param \Illuminate\Http\Request $request The API request.
	*
	* @return \Illuminate\Http\JsonResponse
	*/
	public function login(Request $request)
	{
	- // TODO: Redirect to dashboard if authenticated.
	$v = Validator::make(
	$request->all(),
	[
	- 'email' => 'required\|min:2',
	- 'password' => 'required\|min:4',
	+ 'email' => 'required\|min:3',
	+ 'password' => 'required\|min:1',
	]
	);

	if ($v->fails()) {
	return response()->json(['status' => 'error', 'errors' => $v->errors()], 422);
	}

	$user = \App\User::where('email', $request->email)->first();

	if (!$user) {
	return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401);
	}

	return self::logonResponse($user, $request->password, $request->secondfactor);
	}

	/**
	* Log the user out (Invalidate the token)
	*
	* @return \Illuminate\Http\JsonResponse
	*/
	public function logout()
	{
	$tokenId = Auth::user()->token()->id;

	$tokenRepository = app(TokenRepository::class);
	$refreshTokenRepository = app(RefreshTokenRepository::class);

	// Revoke an access token...
	$tokenRepository->revokeAccessToken($tokenId);

	// Revoke all of the token's refresh tokens...
	$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId);
	return response()->json([
	'status' => 'success',
	'message' => \trans('auth.logoutsuccess')
	]);
	}

	/**
	* Refresh a token.
	*
	* @return \Illuminate\Http\JsonResponse
	*/
	public function refresh(Request $request)
	{
	return self::refreshAndRespond($request);
	}

	/**
	* Refresh the token and respond with it.
	*
	* @param \Illuminate\Http\Request $request The API request.
	* @param array $response Additional response data
	*
	* @return \Illuminate\Http\JsonResponse
	*/
	protected static function refreshAndRespond(Request $request, array $response = [])
	{
	$proxyRequest = Request::create('/oauth/token', 'POST', [
	'grant_type' => 'refresh_token',
	'refresh_token' => $request->refresh_token,
	'client_id' => \config('auth.proxy.client_id'),
	'client_secret' => \config('auth.proxy.client_secret'),
	]);

	$tokenResponse = app()->handle($proxyRequest);

	return self::respondWithToken($tokenResponse, $response);
	}

	/**
	* Get the token array structure.
	*
	* @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token.
	* @param array $response Additional response data
	*
	* @return \Illuminate\Http\JsonResponse
	*/
	protected static function respondWithToken($tokenResponse, array $response = [])
	{
	$data = json_decode($tokenResponse->getContent());

	if ($tokenResponse->getStatusCode() != 200) {
	if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) {
	$errors = ['secondfactor' => $data->error_description];
	return response()->json(['status' => 'error', 'errors' => $errors], 422);
	}

	return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401);
	}

	$response['access_token'] = $data->access_token;
	$response['refresh_token'] = $data->refresh_token;
	$response['token_type'] = 'bearer';
	$response['expires_in'] = $data->expires_in;

	return response()->json($response);
	}
	}

File Metadata

Mime Type: text/x-diff
Expires: Sat, Apr 4, 7:29 AM (1 w, 5 d ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18823021
Default Alt Text: (5 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions